CVE-2021-47705

UNKNOWN 0.0

CNC_Ctrl DllUnregisterServer Access Violation

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

COMMAX UMS Client ActiveX Control 1.7.0.2 contains a heap-based buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit improper boundary validation in CNC_Ctrl.dll to cause heap corruption and potentially gain system-level access.

CWE	CWE-787
Vendor	commax co., ltd.
Product	commax ums client activex control
Published	Dec 9, 2025
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for commax co., ltd. commax ums client activex control

Be the first to know when new unknown vulnerabilities affecting commax co., ltd. commax ums client activex control are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

COMMAX Co., Ltd. / COMMAX UMS Client ActiveX Control

1.7.0.2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/50232 zeroscience.mk: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5664.php commax.com: https://www.commax.com vulncheck.com: https://www.vulncheck.com/advisories/commax-ums-client-activex-control-cnc-ctrl-dll-heap-buffer-overflow

Credits

LiquidWorm as Gjoko Krstic of Zero Science Lab